Merge branch 'hotfix/media-proxy-uri' into 'develop'

user: fix local vs remote determination in remote_or_auth_active?/1 See merge request pleroma/pleroma!640
2019-01-09 07:09:39 +00:00 · 2019-01-09 07:09:39 +00:00 · 5c5c8508c2
commit 5c5c8508c2
parent 3aee8bb67b 567651fb3f
3 changed files with 98 additions and 13 deletions
--- a/test/user_test.exs
+++ b/test/user_test.exs
@ -784,4 +784,83 @@ defmodule Pleroma.UserTest do
               |> Map.put(:search_distance, nil)
    end
  end
+
+  test "auth_active?/1 works correctly" do
+    Pleroma.Config.put([:instance, :account_activation_required], true)
+
+    local_user = insert(:user, local: true, info: %{confirmation_pending: true})
+    confirmed_user = insert(:user, local: true, info: %{confirmation_pending: false})
+    remote_user = insert(:user, local: false)
+
+    refute User.auth_active?(local_user)
+    assert User.auth_active?(confirmed_user)
+    assert User.auth_active?(remote_user)
+
+    Pleroma.Config.put([:instance, :account_activation_required], false)
+  end
+
+  describe "superuser?/1" do
+    test "returns false for unprivileged users" do
+      user = insert(:user, local: true)
+
+      refute User.superuser?(user)
+    end
+
+    test "returns false for remote users" do
+      user = insert(:user, local: false)
+      remote_admin_user = insert(:user, local: false, info: %{is_admin: true})
+
+      refute User.superuser?(user)
+      refute User.superuser?(remote_admin_user)
+    end
+
+    test "returns true for local moderators" do
+      user = insert(:user, local: true, info: %{is_moderator: true})
+
+      assert User.superuser?(user)
+    end
+
+    test "returns true for local admins" do
+      user = insert(:user, local: true, info: %{is_admin: true})
+
+      assert User.superuser?(user)
+    end
+  end
+
+  describe "visible_for?/2" do
+    test "returns true when the account is itself" do
+      user = insert(:user, local: true)
+
+      assert User.visible_for?(user, user)
+    end
+
+    test "returns false when the account is unauthenticated and auth is required" do
+      Pleroma.Config.put([:instance, :account_activation_required], true)
+
+      user = insert(:user, local: true, info: %{confirmation_pending: true})
+      other_user = insert(:user, local: true)
+
+      refute User.visible_for?(user, other_user)
+
+      Pleroma.Config.put([:instance, :account_activation_required], false)
+    end
+
+    test "returns true when the account is unauthenticated and auth is not required" do
+      user = insert(:user, local: true, info: %{confirmation_pending: true})
+      other_user = insert(:user, local: true)
+
+      assert User.visible_for?(user, other_user)
+    end
+
+    test "returns true when the account is unauthenticated and being viewed by a privileged account (auth required)" do
+      Pleroma.Config.put([:instance, :account_activation_required], true)
+
+      user = insert(:user, local: true, info: %{confirmation_pending: true})
+      other_user = insert(:user, local: true, info: %{is_admin: true})
+
+      assert User.visible_for?(user, other_user)
+
+      Pleroma.Config.put([:instance, :account_activation_required], false)
+    end
+  end
 end